Date: Thu, 16 Jul 1998 14:43:05 +0200 (CEST) From: Marino Ladavac <lada@pc8811.gud.siemens.at> To: Thomas David Rivers <rivers@dignus.com> Cc: freebsd-hackers@freefall.cdrom.com Subject: RE: ipfw rules for exposing an internal machine's port externall Message-ID: <XFMail.980716144305.lada@pc8811.gud.siemens.at> In-Reply-To: <199807161205.IAA01215@lakes.dignus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 16-Jul-98 Thomas David Rivers wrote: > > > However, I have an internal machine (10.0.0.10) that's set up > to do telnet connections on a different port (e.g. port #PPPP in > the following example.) > > I would like to make those connections available externally. > > So - I've got added: > > ipfw add 50 pass log tcp from any PPPP to 10.0.0.10 PPPP > ipfw add 50 pass log udp from any PPPP to 10.0.0.10 PPPP > > But, if I telnet to the gateway machine at port PPPP as in: > telnet gateway PPPP > all I get is: > Trying x.x.x.x... > telnet: Unable to connect to remote host: Connection refused Hardly any wonder. There is nothing that listens on port PPPP on the gateway machine--ergo, connection refused. > > > If I, however, telnet on the internal network to 10.0.0.10 PPPP > I get connected just fine. Sure, because there is someone listening on port PPPP on 10.0.0.10 > > > > Has anyone done this before? That is, map a particular port number > on one machine to a different one? And, use that with divert to > make a service on an internal machine externally visible? If so, how? First, you don't need divert for that (nor do you want it). What you need is a listener on gateway at port PPPP which then opens a connection to 10.0.0.10 PPPP and forwards all bytes from one end to the other. Take a look at SAMBA, they used to have such a utility (it was used for SMB protocol reverse engineering). /Marino > > - Thanks - > - Dave Rivers - > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message ---------------------------------- Marino Ladavac Date: 16-Jul-98 Time: 14:38:05 ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.980716144305.lada>